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REMARKS 

This paper is responsive to the Non-Final Office action dated January 23, 2007. Claims 
1-4 were examined, all of which were rejected. Claim 1 has been amended to better distinguish 
over the art and new claims 5-22 have been added to establish a more appropriate scope of 
protection. 

Claim Rejections Under 35 U.S.C. § 103 

Claims 1-4 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over U.S. 
Patent No. 5,632,01 1 to Landfield (hereinafter "Landfield") and in view of S. Kent, "Privacy 
Enhancement for Internet Electronic Mail, Part II: Certificate-Based Key Management," 
Network Working Group Request for Comments 1442, February 1993 (hereinafter RFC 1442). 
The rejections are traversed-in-part and in-part overcome by amendments. 

As Applicant understands the Office's rejection, it appears that the Office (i) relies on 
Landfield for disclosure of a firewall host system that manages electronic mail queues, (ii) 
acknowledges that does not disclose or suggest extracting and validating signature data from a 
message and taking action at the firewall host based on validation status and (iii) turns to 
RFC 1442 for disclosure handling of digital signatures in a privacy enhanced message 
framework. Based on the combined teachings of Landfield and RFC 1442, the Office concludes 
obviousness alleging first that each of the elements of Applicant's claims is described in the 
combined disclosure and second that it would have been obvious at the time Applicant's 
invention was made to combine the teachings of Landfield and RFC 1442. 

Applicant appreciates the Office's argument, but respectfully notes that, contrary to 
allegations, the combined teachings of Landfield and RFC 1442 simply do not result in the 
subject matter claimed by Applicant. Indeed, a closer review of the reference reveals that 
RFC 1442 dictates a validation by the message recipient not by a relay or other intermediary. 

Upon receipt of a privacy enhanced message, a recipient 
validates the originator's certificate (using the IPRA 
public component as the root of a certification path) , 
checks to ensure that it has not been revoked, extracts the 
public component from the certificate, and uses that value 
to recover (decrypt) the MIC. 
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RFC 1442, page 4 (emphasis added). 

Merely displaying the PEM-protected message content, 
containing an originator name from the native mail system, 
does not provide equivalent security functionality and 
could allow spoofing. If the recipient of a message is a 
forwarding agent such as a list exploder or mail relay, 
display of the originator's DN is not a relevant 
requirement. In all cases the essential requirement is 
that the ultimate recipient of a PEM message be able to 
ascertain the identity of the originator based on the PEM 
certification system, not on unauthenticated identification 
information, e.g., extracted from the native message 
system. 

RFC 1442, page 27 (emphasis added). 

Also note that these procedures apply to human interaction 
in message submission and delivery and are not directly 
applicable to forwarding processes . 

RFC 1442, page 29 (emphasis added). 

Clearly, based on the requirements of RFC 1442 itself, any extraction and validation of a 
digital signature is to be performed by the ultimate recipient, not an intermediary. Therefore, 
consistent with the teachings of Landfield and RFC 1442, proper combination (consistent with 
the law of obviousness) would not provide extraction and validation of a digital signature at an 
intermediate e-mail relay as recited in claim 1 (as amended). Accordingly, amended claim 1 
and those dependent therefrom are allowable. 

For slightly different though analogous reasons, new independent claims 9 and 22 and 
dependent claim 21, each of which recite validation-based decision-making at an e-mail relay (or 
upon execution of instructions on a properly situated computer) regarding 

... whether the intercepted e-mail message should (i) be 

allowed to continue along the message communication 
path toward an intended recipient thereof or (ii) be 
diverted therefrom 

are also allowable together with the claims that depend therefrom. Neither Landfield, nor 
RFC 1442, taken alone or in combination, disclose or suggest the claimed invention(s). 
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Similarly, relative to new independent claim 20, neither Landfield and RFC 1442 disclose 
or suggest either (i) restrictions, implemented an e-mail firewall, on transmission of e-mail 
messages in accordance with a signature policy or (ii) the particular configuration and use of a 
suite of policy managers (access, content, virus and security) recited therein. Claims 20 and 21 
are allowable for at least this reason and a notice to that effect is respectfully requested. 

Priority Claim(s) 

The Examiner has questioned the viability of Applicant's priority claim to U.S. 
Application 09/967,1 17. Applicant respectfully notes the addition of new claims, including 
claim 20, which is unambiguously supported by disclosure of both U.S. Application 09/967,1 17 
and it's predecessor, U.S. Application 09/180,377. 

Furthermore, Applicant notes that the priority application discloses a process whereby 
signature verification is performed using a security manager (and associated policies) of an e- 
mail firewall for at least messages containing certain types of attachments. See e.g., '117 
Application, col. 6, lines 21-23. Applicant further notes description relating to FIGs. 5(a) and 
5(b) appearing in the '1 17 Application at col. 6, lines 54-60 and at col. 8, line 36 - col. 9, line 30 
concerning application and verification at email firewall endpoints of an "object level e-mail 
VPN" of digital signatures. 

In view of the foregoing, priority is proper. 

Conclusion 

In summary, claims 1-22 are in the case. All claims are believed to be allowable over the 
art of record, and a Notice of Allowance to that effect is respectfully solicited. Nonetheless, if 
any issues remain that could be more efficiently handled by telephone, the Examiner is requested 
to call the undersigned at the number listed below. 
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CERTIFICATE OF MAILING OR TRANSMISSION 

I hereby certify that, on the date shown below, this 
correspondence isyb€ir}g 

□ deposited/with the US PostaJ'Sdrvice with sufficient postage 
as first-lass majl in an envelope addressed as shown above. 

□ facs^ilerranynitted^th^USPTO. 
S transmij^d/ising tJrfeJ^PTO electronic filing system. 


David W. O'Brien 


Date 


EXPRESS MAIL LABEL: 



Javid W. O'Brien, Reg. No. 40,107 
Attorney for Applicant(s) 
(512) 338-6314 (direct) 
(512) 338-6300 (main) 
(512) 338-6301 (fax) 
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